THE PROLABTM SUITE OF POWERFUL TESTING TOOLS COMPLIES WITH THE MOST RECENT INDUSTRY STANDARDS AND IS SUITABLE FOR USE IN VARIOUS STAGES OF THE PRODUCT DEVELOPMENT CYCLE, QA AND PRE-DEPLOYMENT. THE PRODUCTS PERFORM ESSENTIAL AUTOMATED TESTS FOR IMS, SIP, 3G-324M AND H.323 NETWORKS AND DEVICES, INCLUDING PERFORMANCE, LOAD, STRESS, INTEROPERABILITY, MEDIA AND PROTOCOL COMPLIANCE. TESTING IS SCRIPT-DRIVEN, WHICH ALLOWS FOR MAXIMUM FLEXIBILITY AND CUSTOMIZATION, AND ENABLES THE TESTS TO BE RE-USED. THE TESTING SUITE CONTAINS HUNDREDS OF PRE-WRITTEN SCRIPTS, CANNED MESSAGES AND MEDIA FILES TO ALLOW FOR TURNKEY TEST SETUP.

THESE HIGHLY SCALABLE AND FEATURE-RICH TESTING AND VALIDATION PRODUCTS EMULATE A WIDE RANGE OF REAL-WORLD NETWORK CONDITIONS TO TEST DEVICES AND COMPONENTS IN THE RICH MEDIA COLLABORATIVE NETWORKS. THE PROLAB SUITE ALLOWS VENDORS AND SERVICE PROVIDERS TO PERFORM THE RIGOROUS TESTING AND VALIDATION NEEDED TO ENSURE HIGH QUALITY, DEPENDABLE PRODUCT DEPLOYMENT. THE PROLAB SUITE SIMULATES DIFFERENT NETWORK TOPOLOGIES AND IS SPECIFICALLY DESIGNED TO PERFORM ADVANCED SIGNALING AND MEDIA TESTS. A HIGHLY SOPHISTICATED SCHEDULING SYSTEM ENABLES COMPREHENSIVE AUTOMATED TEST PROCEDURES DURING TESTING CYCLES. THE CLIENT/SERVER APPLICATION IS CAPABLE OF MANAGING SINGLE OR MULTIPLE TEST AGENTS, SUCH AS IMS, SIP, H.323 OR 3G-324M

THE OPEN IMS CORE IS AN IMPLEMENTATION OF IMS CALL SESSION CONTROL FUNCTIONS (CSCFS) AND A LIGHTWEIGHT HOME SUBSCRIBER SERVER (HSS), WHICH TOGETHER FORM THE CORE ELEMENTS OF ALL IMS/NGN ARCHITECTURES AS SPECIFIED TODAY WITHIN 3GPP, 3GPP2, ETSI TISPAN AND THE PACKETCABLE INTIATIVE.

SIPTESTTOOL IS USED TO PROVIDE YOU A GRAPHIC USE INTERFACE SIP TEST TOOL WHICH CAN BE USED AS A TEST TOOL FOR THE TELE-GROUPS TO TEST THEIR CORE-NETWORK SOFTWARE WHICH SUPPORT SIP PROTOCOL OR AS A AS OR IMS IMPLEMENT IN 3GPP.

THE HAMMER CALL ANALYZER ENABLES USERS TO VISUALIZE SIGNALING AND VOICE QUALITY PROBLEMS IN VOIP NETWORKS. FOR EXAMPLE, THE UNIQUE CALL LIST AND MULTISTAGE CALL FLOW DISPLAY FEATURES WALK ENGINEERS THROUGH THE LEGS OF A PARTICULAR CALL. IN ADDITION, THE HAMMER CALL ANALYZER DISPLAYS WAVEFORMS AND THE STREAM QUALITY SIGNATURE FOR ANY CALL. THESE FEATURES ALLOW ENGINEERS TO VISUALIZE PROBLEMS IN THE EXCHANGE OF MESSAGES BETWEEN THE VARIOUS DEVICES AND TO QUICKLY SOLVE THEM.

VALID8.COM, THE MARKET LEADER IN CONFORMANCE AND CUSTOM EMULATION TESTING OFFERS A WIDE RANGE OF TESTING SOLUTIONS FOR VOICE OVER IP (VOIP), NEXT GENERATION NETWORKS (NGN) AND LEGACY PUBLIC SWITCHED TELEPHONE NETWORKS (PSTN) DESIGNED TO ACCELERATE DEPLOYMENT.

TRACEBUSTER WILL SAVE YOU COUNTLESS HOURS OF DIGGING THROUGH CAPTURE FILES! USE THE FREE TRACEBUSTER TO REPLAY/ANALYZE CALL FLOWS FROM LIBPCAP FORMAT FILES OR STEP UP TO THE PROFESSIONAL EDITIONS FOR INTEGRATED CAPTURE AND REPLAY AND AN UNRIVALED VALUE PROPOSITION!

THE IP MULTIMEDIA SUBSYSTEM (IMS) PROVIDES RICH MULTIMEDIA SERVICES ACROSS BOTH NEXT-GENERATION PACKET-SWITCHED AND TRADITIONAL CIRCUIT-SWITCHED NETWORKS FOR SERVICES AND APPLICATIONS; IT ALSO ENABLES TELCOS, MOBILE OPERATORS, AND OTHER SERVICE PROVIDERS. THE SUBSYSTEM IS STANDARDS-BASED AND USES OPEN INTERFACES AND FUNCTIONAL COMPONENTS THAT CAN BE ASSEMBLED FLEXIBLY INTO HARDWARE AND SOFTWARE SYSTEMS TO SUPPORT REAL-TIME INTERACTIVE SERVICES AND APPLICATIONS.
IBM SIMULATORS FOR IP MULTIMEDIA SUBSYSTEM CAN BE USED FOR DEVELOPING, TESTING, AND DEMONSTRATING SIMPLE IMS APPLICATIONS AND PROOFS-OF-CONCEPT (POC) OF SPECIFIC IMS ARCHITECTURE COMPONENTS. THESE SIMULATORS PROVIDE AN EASY WAY FOR USERS TO SIMULATE AND TEST THE IMS COMPONENTS WITHOUT ANY COMPLEX SET-UP OF IMS SERVERS OR ARCHITECTURE CONFIGURATION.

ASTEROID IS A SIP DENIAL OF SERVICE TESTING TOOL. IT CONSISTS OF OVER 36,000 UNIQUE SIP PACKETS AND CAN BE QUICKLY MODIFIED TO CREATE OTHERS. PACKETS ARE GROUPED INTO THEIR RESPECTIVE TYPES (INVITES, BYE, CANCEL, ETC.) AND CAN BE SENT INDIVIDUALLY OR CALLED FROM A SHELL SCRIPT AND SENT IN CLUSTERS. ASTEROID HAS EFFECTIVELY CRASHED ALL VERSIONS OF ASTERISK UP UNTIL 1.2.13 AND GREATER WHICH WERE PATCHED AGAINST THE SEQUENCE WHICH CAUSED THE CRASH.

SIPVICIOUS TOOLS ADDRESS THE NEED FOR TRADITIONAL SECURITY TOOLS TO BE PORTED TO SIP. THIS PACKAGE CONSISTS OF A SIP SCANNER, A SIP WARDIALER, AND A SIP PBX CRACKER. THESE TOOLS WERE WRITTEN IN PYTHON.

EACH SIPSPY THAT CONNECTS TO A SPYAGENT, MUST AUTHENTICATE ITSELF USING A LOGIN AND PASSWORD, THESE ARE TRANSFERRED USING A DIGEST METHOD, SO THAT PASSWORDS DONT TRAVEL IN CLEAR-TEXT, AND REPLAY ATTACKS ARE AVOIDED. ALSO EACH USER IS ASSIGNED A ROLE: PLAIN OR ADMIN. ADMINS CAN CHANGE THE DEVICE ON WHICH THE SIPSPY IS MONITORING, AND CAN CHANGE THE BPF FILTER, WHEREAS PLAIN USERS CANNOT. ALSO, YOU CAN PROVIDE SPYAGENT WICH A REGEXP FOR EACH OF THE USERS. THEN, WHEN A SIPSPY PROVIDES A NEW REGEXP TO MATCH SIP PACKETS, SPYAGENT WILL MATCH THE REGEXP TO THAT REGEXP (THAT IS, A REGEXP ON A REGEXP), SO YOU CAN LIMIT THE REGEXP'S THAT USERS CAN USE TO MONITOR SIP TRAFFIC.

SIP DIALOGS/SESSIONS SAVE AND LOAD: SIPSPY CAN SAVE THE MONITORED PACKETS IN AN XML FILE, SO THAT WHEN SOMEONE DETECTS A BUG IN THE SIP NETWORK, THEY CAN SAVE A COPY OF THE SIP DIALOG AND SEND IT TO THE ADMINISTRATORS TO ADDRESS IT.

SERVER-BASED SESSION SAVING: IF ONE OF YOUR USERS/ADMINS DETECTS A BUG IN THE SIP NETWORK, YOU CAN ASK HIM TO REPRODUCE THE BUG AND MONITOR ALL THE SIP PACKETS INVOLVED, AND THEN SAVE THAT SIP SESSION TO THE SERVER, SO THE NEXT MORNING WHEN DEVELOPERS GO TO WORK, THEY CAN DOWNLOAD FROM THE SERVER THE BUGGY SIP DIALOG.

THIS SOFTWARE WAS BORN AS A PROF CONCEPT IDEA TO CAPTURE SIP TRAFFIC FROM A REMOTE HOST (SIP PROXY, GATEWAY, ETC) AND SHOW LIVE SIP MESSAGES ABOUT AN SPECIFIC DIALOG (FILTERED BY THE FROM SIP USER) TO HELP DEBUG SIP TRANSACTIONS IN A FRIENDLY WAY.

WITH THE SIP PROXY TOOL YOU WILL HAVE THE OPPORTUNITY TO CHECK AND MANIPULATE SIP MESSAGES. FURTHERMORE YOU WILL BE ABLE TO RUN SEVERAL AUTOMATED ATTACKS AND GETTING THE RESULTS AS A REPORT. SOME OF THESE ATTACKS WILL USE FUZZING TECHNOLOGY.

SIP MESSENGER IS JAVA SOFTWARE THAT ALLOWS YOU TO SEND SIP TEST MESSAGES FROM TEXT FILES OVER UDP TO YOUR SIP IMPLEMENTATION AND, OPTIONALLY, LISTEN FOR RESPONSES. THE MESSAGES CAN BE SENT USING A COMMAND LINE UTILITY (MESSENGER), SUITABLE FOR INVOCATION BY AUTOMATED SCRIPTING, OR VIA A GUI (MESSENGERGUI). DEVELOPERS CAN USE THIS SOFTWARE TO CONSTRUCT THEIR OWN SIP MESSAGES THAT CAN BE PUSHED ONTO SIP SERVERS OR USER AGENTS (POSSIBLY IN CONJUNCTION WITH THE SIP CENTER¹S OWN SIP RESOURCES – THE SIP NETWORK SERVER AND UA). THIS TOOL IS ESPECIALLY USEFUL FOR STRESS TESTING PRODUCTS WITH SCENARIOS THAT ARE OTHERWISE DIFFICULT TO REPRODUCE. THIS SOFTWARE HAS BEEN MADE AVAILABLE BY UBIQUITY SOFTWARE CORPORATION; FOUNDER OF THE SIP CENTER

PJSIP-PERF IS A COMPLETE PROGRAM TO MEASURE THE PERFORMANCE OF PJSIP OR OTHER SIP ENDPOINTS. IT CONSISTS OF TWO PARTS:

THE SERVER, TO RESPOND INCOMING REQUESTS

THE CLIENT, WHO ACTIVELY SUBMITS REQUESTS AND MEASURE THE PERFORMANCE OF THE SERVER.

BOTH SERVER AND CLIENT PART CAN RUN SIMULTANEOUSLY, TO MEASURE THE PERFORMANCE WHEN BOTH ENDPOINTS ARE CO-LOCATED IN A SINGLE PROGRAM.
THE SERVER ACCEPTS BOTH INVITE AND NON-INVITE REQUESTS. THE SERVER EXPORTS SEVERAL DIFFERENT TYPES OF URL, WHICH WOULD CONTROL HOW THE REQUEST WOULD BE HANDLED BY THE SERVER:

URL WITH "0" AS THE USER PART WILL BE HANDLED STATELESSLY. IT SHOULD NOT BE USED WITH INVITE METHOD.

URL WITH "1" AS THE USER PART WILL BE HANDLED STATEFULLY. IF THE REQUEST IS AN INVITE REQUEST, INVITE TRANSACTION WILL BE CREATED AND 200/OK RESPONSE WILL BE SENT, ALONG WITH A VALID SDP BODY. HOWEVER, THE SDP IS JUST A STATIC TEXT BODY, AND IS NOT A PROPER SDP GENERATED BY PJMEDIA.

URL WITH "2" AS THE USER PART IS ONLY MEANINGFUL FOR INVITE REQUESTS, AS IT WOULD BE HANDLED CALL-STATEFULLY BY THE SERVER. FOR THIS URL, THE SERVER ALSO WOULD GENERATE SDP DYNAMICALLY AND PERFORM A PROPER SDP NEGOTIATION FOR THE INCOMING CALL. ALSO FOR EVERY CALL, SERVER WILL LIMIT THE CALL DURATION TO 10 SECONDS, ON WHICH THE CALL WILL BE TERMINATED IF THE CLIENT DOESN'T HANGUP THE CALL.

SIPP IS A PERFORMANCE TESTING TRAFFIC TOOL FOR THE SIP PROTOCOL. IT INCLUDES A FEW BASIC SIPSTONE USER AGENT SCENARIOS (UAC AND UAS) AND ESTABLISHES AND RELEASES MULTIPLE CALLS WITH THE INVITE AND BYE METHODS. IT CAN ALSO READ XML SCENARIO FILES DESCRIBING ANY PERFORMANCE TESTING CONFIGURATION. IT FEATURES THE DYNAMIC DISPLAY OF STATISTICS ABOUT RUNNING TESTS (CALL RATE, ROUND TRIP DELAY, AND MESSAGE STATISTICS), PERIODIC CSV STATISTICS DUMPS, TCP AND UDP OVER MULTIPLE SOCKETS OR MULTIPLEXED WITH RETRANSMISSION MANAGEMENT, REGULAR EXPRESSIONS AND VARIABLES IN SCENARIO FILES, AND DYNAMICALLY ADJUSTABLE CALL RATES.
SIPP CAN BE USED TO TEST MANY REAL SIP PLATFORMS LIKE SIP PROXIES, B2BUAS, SIP MEDIA SERVERS, SIP/X GATEWAYS, SIP PBX…. IT IS ALSO VERY USEFUL TO EMULATE THOUSANDS OF USER AGENTS CALLING YOUR SIP SYSTEM.

RTPBREAK DETECTS, RECONSTRUCTS AND ANALYZES ANY RTP [RFC1889] SESSION THROUGH HEURISTICS OVER THE UDP NETWORK TRAFFIC. IT WORKS WELL WITH SIP, H.323, SCCP AND ANY OTHER SIGNALING PROTOCOL. IN PARTICULAR, IT DOESN'T REQUIRE THE PRESENCE OF RTCP PACKETS (VOIPONG NEEDS THEM) THAT AREN'T ALWAYS TRANSMITTED FROM THE RECENT VOIP CLIENTS.

DISTRIBUTED SIP ANALYZER IS A SIP PROTOCOL ANALYZER FOR UNIX. IT ALLOWS YOU TO EXAMINE SIP FROM DIFFERENT LOCAL AREA NETWORK. YOU CAN INTERACTIVELY BROWSE THE CAPTURE DATA, VIEWING CALLFLOW SEQUENCE DIAGRAM AND DETAIL INFORMATION FOR EACH SIP SESSION.

THE CALLFLOW SEQUENCE DIAGRAM GENERATOR IS A COLLECTION OF AWK AND SHELL SCRIPTS THAT WILL TAKE A PACKET CAPTURE FILE THAT CAN BE READ BY ETHEREAL AND PRODUCE A TIME SEQUENCE DIAGRAM. THIS IS USEFUL TO VIEW AND DEBUG SIP CALLFLOWS OR OTHER NETWORK TRAFFIC

SIPFLOW STANDARD CAPTURES DATA ON A SINGLE HOST AND DISPLAYS SIP CALLFLOWS IN AN INTUITIVE GRAPHICAL FORMAT. SIP MESSAGES MAY BE VIEWED AS LADDER DIAGRAMS, OR THEIR CONTENTS MAY BE INSPECTED BY DOUBLE CLICKING AN ARROW IN THE LADDER DIAGRAM. THIS ALLOWS NETWORK ENGINEERS TO QUICKLY IDENTIFY THE BEHAVIOR OF THEIR SIP NETWORK WITHOUT TRACING THROUGH LOG FILES OR RAW CAPTURES.

THIS PROGRAM MAKES SIP CALLFLOWS (SCENARIOS) DIAGRAMS FROM A SIGNALING TRACE. THE PROGRAM READS THE LIBPCAP OUTPUT FORMAT CREATED BY ETHEREAL, TCPDUMP, ETC) AND CREATES SIP SCENARIO (CALL FLOWS).

EACH ETHERNET PACKET THAT IS CONTAINED IN THE LIBPCAP TRACE FILE IS CALLED A PHYSICAL FRAME. EACH PACKET IS GIVEN A SEQUENCE NUMBER CALLED THE PHYSICAL FRAME NUMBER. THE PHYSICAL FRAME NUMBER IS USED FOR DOCUMENTATIONS AS A REFERENCE TO A FIXED LOCATION.
EACH SIP MESSAGE THAT IS DISPLAYED IS IDENTIFIED BY A SEQUENTIAL NUMBER CALLED THE SIP FRAME NUMBER.
ALL UDP AND TCP PACKETS WILL BE WILL BE PARSED TO CHECK IF THERE ARE SIP MESSAGES OR NOT. NON-SIP MESSAGES WILL BE AUTOMATICALLY FILTERED OUT OF THE DISPLAY.
DIFFERENT SIP CALLS (BASED ON CALLID) WILL BE INDICATED IN DIFFERENT COLORS. LINKS ARE MADE FROM THE SIP SCENARIO (CALL FLOW) TO THE ACTUAL SIP MESSAGE (FRAME DATA).

SIPBOMBER IS INVALUABLE TOOL FOR SIP DEVELOPERS INTENDED FOR TESTING SIP-PROTOCOL IMPLEMENTATION AGAINST RFC3261. CURRENT VERSION CAN CHECK ONLY SERVER IMPLEMENTATIONS – (PROXIES, USER AGENT SERVERS, REDIRECT SERVERS, AND REGISTRARS). THIS PROGRAM IS DISTRIBUTED UNDER TERMS OF GPL.

THESE MESSAGES WERE DEVELOPED AND REFINED AT THE SIPIT INTEROPERABILITY TEST EVENT. DURING THE EVENTS PROBLEMATIC MESSAGES WERE NOTED AND RELEASED AS AN IETF-DRAFT. IT DEFINES TENS OF VALID AND INVALID MESSAGES, DESCRIBES THEM AND GIVES DIRECTIONS AS TO HOW THE SIP APPLICATION SHOULD REACT.

THE PURPOSE OF THIS TEST-SUITE IS TO EVALUATE IMPLEMENTATION LEVEL SECURITY AND ROBUSTNESS OF SESSION INITIATION PROTOCOL (SIP) IMPLEMENTATIONS. THE FACTORS BEHIND CHOOSING SIP INCLUDED:

SIP HAS MATURED FROM ACADEMIC INTEREST INTO INDUSTRIAL PROTOCOL WITH POTENTIAL FOR WIDE DEPLOYMENT. HOWEVER, FIELD USAGE APPEARS TO BE IN EARLY STAGES. THIS STAGE OF THE LIFE-CYCLE IS BOTH AN OPPORTUNITY AND A CHALLENGE FROM SOFTWARE VULNERABILITY PROCESS PERSPECTIVE. BY APPLYING THE PROTOS APPROACH IN THIS CONTEXT WE HOPE TO PROVE THAT THE EARLY BIRD CATCHES THE WORM IN SENSE THAT PATCH AND PENETRATE CYCLES WITH RESPECT TO SOME TRIVIAL VULNERABILITIES MAY BE AVOIDED.

FURTHERMORE SIP IS BEING ADOPTED BY THE THIRD GENERATION PARTNERSHIP PROJECT (3GPP) AS PART OF THE THIRD GENERATION MOBILE ARCHITECTURE.

THE SIP FAMILY OF SPECIFICATIONS IS EXPANDING AND SOME ASPECTS ARE UNDER DEVELOPMENT. THIS ENCOURAGES SIP AS A NATURAL CANDIDATE FOR EXPERIMENTING WITH ITERATIVE IMPROVEMENT OF A ROBUSTNESS TEST-SUITE WITH MORE COMPREHENSIVE RELEASES TO FOLLOW.

A HTTP-LIKE ASCII PRESENTATION OF THE SIP MESSAGES MAY INITIALLY ATTRACT MORE SCRIPT-KIDDIE LEVEL HOSTILITY (VULNERABILITY ASSESSMENT) THAN THE RIVAL PROTOCOLS WITH COMPLEX ENCODINGS HAVE ATTRACTED SO FAR. IN THIS TEST-SUITE, THE FOCUS WAS SET ON A SPECIFIC PROTOCOL DATA UNIT (PDU), NAMELY INVITE MESSAGE. RATIONALE BEHIND THIS SELECTION WAS:

TWO IMPORTANT SIP ENTITY TYPES, USER AGENTS AND PROXIES, HAVE TO SUPPORT THE INVITE-METHOD.

SIP USER AGENTS AND SIP PROXIES ARE BY DESIGN READY TO ACCEPT INCOMING INVITATIONS WITHOUT PRIOR SESSION SETUP. THIS EXPOSES A NATURAL ATTACK VECTOR THAT SHOULD BE SCRUTINIZED WITH TOP PRIORITY.

THE INVITE-METHOD CONTAINS A WIDE RANGE OF HEADER-FIELDS AND MAY CARRY SESSION DESCRIPTION PROTOCOL (SDP) DATA. THUS A CONSIDERABLE PORTION OF THE UNDERLYING CODE IS EXPOSED TO TESTING VIA SINGLE PDU-TYPE.

THE PURPOSE OF THIS TEST-SUITE IS TO EVALUATE IMPLEMENTATION LEVEL SECURITY AND ROBUSTNESS OF H.225.0 IMPLEMENTATIONS. H.225.0 IS A PROTOCOL RESPONSIBLE FOR SIGNALING AND SETTING UP H.323 CALLS. THE FACTORS BEHIND CHOOSING H.225.0 INCLUDED:

H.323 IS THE DE-FACTO STANDARD FOR VOICE OVER IP (VOIP) AND CONFERENCING AND IT IS WIDELY DEPLOYED. MOREOVER, BASED ON LACK OF PRIOR KNOWN VULNERABILITY ANNOUNCEMENTS IT APPEARS THAT THE H.323 HAS NOT BEEN CLOSELY SCRUTINIZED OR IMPLEMENTATIONS ARE UNCOMMONLY ROBUST.

H.225.0 IS THE FIRST AND MOST COMMONLY EXPOSED INTERFACE TO H.323 SESSION ESTABLISHMENT.

H.225.0 MUST BE IMPLEMENTED BY MOST H.323 COMPONENTS, NAMELY BY TERMINALS, GATEWAYS, PROXIES AND MULTI-POINT CONTROL UNITS.

DUE TO FIREWALL UNFRIENDLY AND DYNAMIC BEHAVIOR OF H.323, MANY FIREWALL PRODUCTS CONTAIN COMPLEX H.225.0 PARSING CODE THAT SHOULD BE TESTED FOR ROBUSTNESS DUE TO CRITICAL PLACEMENT OF POTENTIALLY VULNERABLE CODE. THE SCOPE OF THE TEST-SUITE WAS NARROWED TO H.225.0 VERSION 4 SETUP-PDU. RATIONALE BEHIND THIS SELECTION WAS:

SETUP IS THE FIRST MESSAGE SENT TO A TARGET H.323 ENDPOINT UPON CALL SIGNALING, IT IS EASY TO DELIVER TEST-CASES AND TO RESTORE THE IMPLEMENTATION BACK TO ITS INITIAL STATE BY DISCONNECTING.

CERTAIN SECURITY MEASURES CAN BE ENFORCED ONLY AFTER THE SETUP-PDU HAS BEEN PARSED AND IMPLEMENTATIONS ARE BY DESIGN READY TO ACCEPT INCOMING SETUP MESSAGES.

H.225.0 IMPLEMENTS A SUBSET OF RECOMMENDATION Q.931 WHICH IS USED IN ISDN SIGNALING. CERTAIN ELEMENTS OF Q.931 UTILIZE BER ENCODED ASN.1.

MANY INFORMATION ELEMENTS USED IN H.225.0 CAN BE INCLUDED IN SETUP-PDU.

THE USER-USER INFORMATION ELEMENT IN H.225.0 UTILIZES COMPLEX ASN.1 PACKET ENCODING RULES (PER) WHICH ARE ALSO USED IN H.225.0 RAS (REGISTRATION, ADMISSION, AND STATUS) MESSAGES BETWEEN H.323 ENDPOINTS AND GATEKEEPERS.

SIVUS IS THE FIRST PUBLICLY AVAILABLE VULNERABILITY SCANNER FOR VOIP NETWORKS THAT USE THE SIP PROTOCOL. SIVUS IS USED PRIMARILY BY DEVELOPERS, ADMINISTRATORS, NETWORK DESIGNERS, MANAGERS AND CONSULTANTS TO VERIFY THE ROBUSTNESS AND SECURITY OF THEIR SIP IMPLEMENTATIONS BY GENERATING THE ATTACKS THAT ARE INCLUDED IN THE SIVUS DATABASE OR BY CRAFTING THEIR OWN SIP MESSAGES USING THE SIP MESSAGE GENERATOR.

VOIPONG IS A UTILITY WHICH DETECTS ALL VOICE OVER IP CALLS ON A PIPELINE, AND FOR THOSE WHICH ARE G711 ENCODED, DUMPS ACTUAL CONVERSATION TO SEPARATE WAVE FILES. IT SUPPORTS SIP, H323, CISCO’S SKINNY CLIENT PROTOCOL, RTP AND RTCP. IT'S BEEN WRITTEN IN C LANGUAGE FOR PERFORMANCE REASONS, PROVED TO BE RUNNING ON SOLARIS, LINUX AND FREEBSD; THOUGH IT'S THOUGHT TO COMPILE AND RUN ON OTHER PLATFORMS AS WELL. ON A 45 MBIT/SEC ACTUAL NETWORK TRAFFIC, IT'S BEEN VERIFIED THAT VOIPONG SUCCESSFULLY DETECTED ALL VOIP GATEWAYS AND THE VOIP CALLS. CPU UTILIZATION DURING THE RUN HAS BEEN FOUND RANGING BETWEEN 66% - 80% ON A 256MB RAM, CELERON 1700 MHZ TOSHIBA NOTEBOOK.

HCL OFFERS A COMPREHENSIVE SIP TEST TOOL SUITED FOR CONFORMANCE, REGRESSION, INTEGRATION TESTING AND TEST AUTOMATION NEEDS OF SIP BASED COMPONENTS SUCH AS SIP USER AGENT AND SERVER. SIP TEST TOOL CONTAINS A CONFORMANCE TEST SUITE FOR CONFORMANCE TESTING OF DIFFERENT SIP COMPONENTS SUCH AS USER AGENT, PROXY, REGISTRAR, SIP B2BUA, PRESENCE, AND IM SERVERS AND STUN. SIP CONFORMANCE TEST SUITE PROVIDES A NUMBER OF PRE-DEFINED TEST CASES FOR CHECKING THE CONFORMANCE OF PARTICULAR NETWORK COMPONENT UNDER TEST. THESE TEST CASES CHECK FOR A SPECIFIED FUNCTIONALITY AND RETURN THE TEST RESULTS AS PASS, FAIL OR SKIP. SIP TEST TOOL PROVIDES THE HOOKS FOR TEST AUTOMATION AND WITH THE HELP OF APIS, USER CAN AUTOMATE THE ENTIRE TEST PROCESS.

YOU CAN USE WINSIP TO SIMULATE USER INPUT, GENERATE HIGH-QUALITY AUDIO AND VIDEO STREAMS, AND CONTROL IT FROM THE COMMAND LINE TO AUTOMATE TESTING. WINSIP ACTS AS THOUSANDS OF SIMULTANEOUS INDIVIDUAL ENDPOINTS OR CONNECTIONS IN ANY ONE OF THE FOLLOWING MODES OF OPERATION:

OREKA IS A MODULAR AND CROSS-PLATFORM SYSTEM FOR RECORDING AND RETRIEVAL OF AUDIO STREAMS. THE PROJECT CURRENTLY SUPPORTS VOIP AND SOUND DEVICE BASED CAPTURE. RECORDINGS METADATA CAN BE STORED IN ANY MAINSTREAM DATABASE. RETRIEVAL OF CAPTURED SESSIONS IS WEB BASED.

OREKA CURRENTLY HAS THE FOLLOWING FEATURES:

RECORD VOIP RTP SESSIONS BY PASSIVELY LISTENING TO NETWORK PACKETS. BOTH SIDES OF A CONVERSATION ARE MIXED TOGETHER AND EACH CALL IS LOGGED AS A SEPARATE AUDIO FILE. WHEN SIP OR CISCO SKINNY (SCCP) SIGNALING IS DETECTED, THE ASSOCIATED METADATA IS ALSO EXTRACTED

RECORD FROM A STANDARD SOUND DEVICE (E.G. MICROPHONE OR LINE INPUT). CAN RECORD MULTIPLE CHANNELS AT THE SAME TIME. EACH RECORDING GOES TO SEPARATE AUDIO FILES

OPEN PLUGIN ARCHITECTURE FOR AUDIO CAPTURE MEANS THAT THE SYSTEM IS POTENTIALLY CAPABLE OF RECORDING FROM ANY AUDIO SOURCE

PLUGIN ARCHITECTURE FOR CODECS OR ANY OTHER SIGNAL PROCESSING FILTER

AUTOMATIC AUDIO SEGMENTATION SO THAT CONTINUOUS AUDIO SOURCES CAN BE SPLIT IN SEPARATE AUDIO FILES AND EASILY RETRIEVED LATER

CAPTURE FROM MULTIPLE NETWORK DEVICES IN PARALLEL

CAPTURE FROM PCAP TRACE FILES

VOICE ACTIVITY DETECTION

A-LAW, U-LAW AND GSM6.10 CODECS SUPPORTED AS BOTH WIRE AND STORAGE FORMAT

AUTOMATIC TRANSCODING FROM WIRE FORMAT TO STORAGE FORMAT

RECORDING METADATA LOGGED TO FILE AND/OR ANY MAINSTREAM DATABASE SYSTEM USER INTERFACE RECORDINGS RETRIEVAL CAN BE DONE USING THE FOLLOWING CRITERIA (WHEN AVAILABLE):

TIMESTAMP

RECORDING DURATION

DIRECTION (FOR A TELEPHONE CALL)

REMOTE PARTY (FOR A TELEPHONE CALL)

LOCAL PARTY (FOR A TELEPHONE CALL)

COMPATIBILITY:
OREKA HAS BEEN REPORTED TO WORK ON THE FOLLOWING PLATFORMS AND SHOULD ACTUALLY WORK ON MANY MORE.

FULL AND NORMAL LOGGING: FULL LOGGING RECORDS ALL POSSIBLE EVENTS DURING DIALING (BUSY SIGNALS, NO ANSWERS, CARRIERS, ETC). BY DEFAULT IT ONLY RECORDS THINGS THAT WE MIGHT FIND INTERESTING (CARRIERS, POSSIBLE TELCO EQUIPMENT).

ASCII FLAT FILE AND MYSQL LOGGING: YOU CAN LOG TO A TRADITIONAL ASCII FLAT FILE, AND RECORD INFORMATION INTO A MYSQL DATABASE.

DIALS RANDOMLY OR SEQUENTIALLY.

REMOTE SYSTEM IDENTIFICATION: WHEN FINDING A REMOTE MODEM AND CONNECTING, IWAR WILL REMAIN CONNECTED AND ATTEMPT TO IDENTIFY THE REMOTE SYSTEM TYPE.

KEY STROKE MARKING: WHEN ACTIVELY "LISTENING" TO IWAR WORK, IF YOU HEAR SOMETHING INTERESTING, YOU CAN MANUALLY "MARK" IT BY HITTING A KEY. YOU CAN ALSO ENTER A "NOTE" ABOUT SOMETHING YOU FIND INTERESTING.

MULTIPLE MODEM SUPPORT, BECAUSE… WELL, HEY - THIS IS "UNIX". IWAR WILL SUPPORT AS MANY MODEMS YOU CAN HOOK UP

NICE "CURSES" BASED DISPLAY. THIS MEANS THAT IF YOU'RE USING IWAR FROM A LINUX CONSOLE OR A VT100 BASED TERMINAL, IT SHOULD WORK FINE. IT'S NOT A ESCAPE SEQUENCE KLUDGE, BUT TRUE "CURSES".

FULL CONTROL OVER THE MODEM: UNLIKE OTHER 'KLUDGES', IWAR DOESN'T JUST OPEN THE MODEM AS A TYPICAL "FILE". IT CONTROLS THE BAUD RATE, PARITY, AND CTS/RTS (HARDWARE FLOW CONTROL) DTR (DATA TERMINAL READY). THIS IS IMPORTANT FOR CONTROLLING THE MODEM AND MAKING IT PREFORM THE WAY YOU WANT IT TO DURING SCANNING. FOR EXAMPLE, DTR HANG UPS.

BLACKLISTED PHONE NUMBER SUPPORT: FOR NUMBERS THE SYSTEM SHOULD NEVER DIAL.

SAVE STATE: IF WITHIN THE MIDDLE OF A "WARDIALING" SESSION YOU WANT TO QUIT, YOU CAN SAVE THE CURRENT STATE TO A FILE. THIS ALLOWS YOU TO COME BACK LATER AND RESTART IWAR WHERE YOU LEFT OFF. (VIA THE '-L' OPTION)

LOAD PRE-GENERATED NUMBERS: YOU CAN LOAD A FILE (VIA THE '-L' OPTION) OF NUMBERS THAT YOU WANT TO DIAL. THIS IS USEFUL IF YOU WANT TO LOAD NUMBERS GENERATED BY ANOTHER ROUTINE (PERL/SHELL SCRIPT/ETC).

TERMINAL WINDOW SO YOU CAN WATCH MODEM INTERACTIONS AND CARRIER RESULTS IN REAL TIME

SUPPORT THE IAX2 (INTRA-ASTERISK EXCHANGE) "VOICE OVER IP" (VOIP) PROTOCOL. THIS ALLOWS YOU TO SCAN WITHOUT THE NEED OF ADDITIONAL HARDWARE! TO MY KNOWLEDGE, IWAR IS THE FIRST WAR DIALER WITH VOIP FUNCTIONALITY

IN IAX2 MODE, IWAR ACTS AS A "FULL BLOWN" VOIP CLIENT. IN THIS MODE, KEY 0-9, * AND # PLAY THERE DTMF EQUIVALENTS. IN THIS MODE, YOU CAN ALSO DIRECTLY "TALK" (USING A MICROPHONE) WITH THE REMOTE TARGET IF SO DESIRED.

SIP.TASTIC IS A PASSIVE DICTIONARY ATTACK TOOL ON SIP'S DIGEST AUTHENTICATION METHOD. THE PROGRAM IS WRITTEN PRIMARILY TO TEST VOIP NETWORKS THAT USE SIP FOR SESSION SETUP. THE PROOF OF CONCEPT TOOL SHOWS HOW THE DIGEST AUTHENTICATION PROCESS USED BY SIP ENDPOINTS IS VULNERABLE TO AN OFFLINE BRUTE-FORCE ATTACK. THIS ATTACK ALLOWS MALICIOUS USERS TO STEAL PASSWORDS AND HIJACK ENDPOINT IDENTITIES.

RTPINJECT IS A MINIMAL-SETUP PREREQUISITES ATTACK TOOL THAT INJECTS ARBITRARY AUDIO INTO ESTABLISHED RTP CONNECTIONS. THIS PROGRAM IS WRITTEN PRIMARILY TO DEMONSTRATE THE VULNERABILITY OF THE UNDERLYING MEDIA LAYER FOR VOIP NETWORKS. THE TOOL IDENTIFIES ACTIVE CONVERSATIONS, ENUMERATES THE MEDIA CODEC IN USE, AND ALLOWS FOR THE INJECTION OF AN ARBITRARY AUDIO FILE THAT IS AUTOMATICALLY TRANSCODED INTO THE NECESSARY FORMAT REQUIRED.